Proof-Of-Work Key Wrapping with Key Thresholding

1. A method comprising: accessing a plurality of cryptographic key shares, wherein two or more of the plurality of cryptographic key shares enable access to content; selecting, by a processing device, a set of cryptographic attributes in view of a characteristic of a computing device; encrypting, by the processing device, the plurality of cryptographic key shares to produce a plurality of wrapped key shares, wherein the plurality of wrapped key shares comprises a wrapped key share that was encrypted in view of the set of cryptographic attributes; configuring, by the processing device, a plurality of proof-of-work tasks that each include a wrapped key share of the plurality of wrapped key shares and at least one cryptographic attribute, wherein the plurality of proof-of-work tasks comprises a proof-of-work task that involves generating candidate unwrapping keys for decrypting the wrapped key share; and providing the proof-of-work task to the computing device, wherein the at least one cryptographic attribute enables the computing device to reduce computing resources consumed by the proof-of-work task to identify an unwrapping key for the wrapped key share and facilitates the access to the content.

2. The method of claim 1 , wherein the plurality of cryptographic key shares comprise secret shares, and possession of a minimum threshold number of the secret shares enables the access to the content.

3. The method of claim 1 , wherein the proof-of-work task is solved by performing a brute force attack to identify the unwrapping key to decrypt the wrapped key share, wherein the at least one cryptographic attribute comprises providing an indication of a key length of the unwrapping key, a key derivation function for the unwrapping key, or a salt value of the unwrapping key.

4. The method of claim 1 , wherein selecting the set of cryptographic attributes comprises selecting the at least one cryptographic attribute that enables the computing device to solve the proof-of-work task and breach of the wrapped key share using a predetermined average quantity of computing resources of the computing device.

5. The method of claim 1 , wherein selecting the set of cryptographic attributes comprises selecting the at least one cryptographic attribute that enables the computing device to solve the proof-of-work task and breach the wrapped key share in a predetermined average quantity of time.

6. The method of claim 1 , wherein selecting the set of cryptographic attributes in view of the characteristic of the computing device comprises: predicting the characteristic of one or more computing resources of the computing device; estimating a quantity of the one or more computing resources consumed to breach a key wrapped in view of a set of candidate cryptographic attributes; and selecting the set of candidate cryptographic attributes in response to the estimated quantity exceeding a minimum threshold value.

7. The method of claim 1 , wherein encrypting the plurality of cryptographic key shares comprises: generating a wrap key in view of the set of cryptographic attributes; and wrapping a cryptographic key share of the plurality of cryptographic key shares using the wrap key.

8. The method of claim 7 , wherein the cryptographic key share is a portion of a symmetric key to encrypt and decrypt the content and wherein the wrap key is a symmetric key for wrapping and unwrapping the cryptographic key share.

9. A system comprising: a memory; and a processing device communicably coupled to the memory, the processing device to: access a plurality of cryptographic key shares, wherein two or more of the plurality of cryptographic key shares enable access to content; select a set of cryptographic attributes in view of a characteristic of a computing device; encrypt the plurality of cryptographic key shares to produce a plurality of wrapped key shares, wherein the plurality of wrapped key shares comprise a wrapped key share that was encrypted in view of the set of cryptographic attributes; configuring, by the processing device, a plurality of proof-of-work tasks that each include a wrapped key share of the plurality of wrapped key shares and at least one cryptographic attribute, wherein the plurality of proof-of-work tasks comprises a proof-of-work task that involves generating candidate unwrapping keys for decrypting the wrapped key share; and providing the proof-of-work task to the computing device, wherein the at least one cryptographic attribute enables the computing device to reduce computing resources consumed by the proof-of-work task to identify an unwrapping key for the wrapped key share and facilitates the access to the content.

10. The system of claim 9 , wherein the plurality of cryptographic key shares comprise secret shares and possession of a minimum threshold number of the secret shares enables the access to the content.

11. The system of claim 9 , wherein the proof-of-work task is solved by performing a brute force attack to identify the unwrapping key and to decrypt the wrapped key share, wherein the at least one cryptographic attribute comprises, an indication of a key length of the unwrapping key, a key derivation function for the unwrapping key, or a salt value of the unwrapping key.

12. The system of claim 9 , wherein to select the set of cryptographic attributes, the processing device is to select the at least one cryptographic attribute that enables the computing device to solve the proof-of-work task and breach the wrapped key share using a predetermined average quantity of computing resources of the computing device.

13. The system of claim 9 , wherein to select the set of cryptographic attributes, the processing device is to select the at least one cryptographic attribute that enables the computing device to solve the proof-of-work task and breach the wrapped key share in a predetermined average quantity of time.

14. The system of claim 9 , wherein to select the set of cryptographic attributes, the processing device is to: predict the characteristic of one or more computing resources of the computing device; estimate a quantity of the one or more computing resources consumed to breach a key wrapped in view of a set of candidate cryptographic attributes; and select the set of candidate cryptographic attributes in response to the estimated quantity exceeding a minimum threshold value.

15. The system of claim 9 , wherein to encrypt the plurality of cryptographic key shares, the processing device is to: generate a wrap key in view of the set of cryptographic attributes; and wrap a cryptographic key share of the plurality of cryptographic key shares using the wrap key.

16. The system of claim 15 , wherein the cryptographic key share is a portion of a symmetric key to encrypt and decrypt the content and wherein the wrap key is a symmetric key for wrapping and unwrapping the cryptographic key share.

17. A non-transitory machine-readable storage medium storing instructions which, when executed, cause a processing device to perform operations comprising: generating a plurality of cryptographic key shares, wherein two or more of the plurality of cryptographic key shares enable access to content; selecting a set of cryptographic attributes in view of a characteristic of a computing device; encrypting the plurality of cryptographic key shares to produce a plurality of wrapped key shares, wherein the plurality of wrapped key shares comprises a wrapped key share that was encrypted in view of the set of cryptographic attributes; configuring, by the processing device, a plurality of proof-of-work tasks that each include a wrapped key share of the plurality of wrapped key shares and at least one cryptographic attribute, wherein the plurality of proof-of-work tasks comprises a proof-of-work task that involves generating candidate unwrapping keys for decrypting the wrapped key share; and providing the proof-of-work task to the computing device, wherein the at least one cryptographic attribute enables the computing device to reduce computing resources consumed by the proof-of-work task to identify an unwrapping key for the wrapped key share and facilitates the an access to the content.

18. The non-transitory machine-readable storage medium of claim 17 , wherein the plurality of cryptographic key shares comprise secret shares and possession of a minimum threshold number of the secret shares enables the access to the content.

19. The non-transitory machine-readable storage medium of claim 17 , wherein the proof-of-work task is solved by performing a brute force attack to identify the unwrapping key and breach the wrapped key share, and wherein the at least one cryptographic attribute comprises an indication of a key length of the unwrapping key, a key derivation function for the unwrapping key, or a salt value of the unwrapping key.

20. The non-transitory machine-readable storage medium of claim 19 , wherein selecting the set of cryptographic attributes comprises selecting the at least one cryptographic attribute that enables the computing device to perform the breach of the wrapped key share using a predetermined average quantity of the computing resources of the computing device.